//This returns an XML string from the SQS queue that contains the 10 most recent messages.
public static string GetSQSMessages()
{
string region = config["Region"];
// Construct a virtual hosted style address with the bucket name part of the host address,
// placing the region into the url if we're not using us-east-1.
var regionUrlPart = string.Format("-{0}", region);
//This is our QA fifo queue, replace it with your queue's url
var endpointUri = BaseUrl + config["AccountId"] + "/" + config["QueueName"];
var requestParameters = "Action=ReceiveMessage&MaxNumberOfMessages=" + MessagesToReceieve;
var uri = new Uri(endpointUri + "?" + requestParameters);
var headers = new Dictionary <string, string>()
{
{ AWS4SignerBase.X_Amz_Content_SHA256, AWS4SignerBase.EMPTY_BODY_SHA256 }
// {"content-type", "text/plain"}
};
//Use the AWS4 signer to generate the signer and sign the request
var signer = new AWS4SignerForAuthorizationHeader()
{
EndpointUri = uri,
HttpMethod = "GET",
Service = "sqs",
Region = region
};
var authorization = signer.ComputeSignature(headers, requestParameters, AWS4SignerBase.EMPTY_BODY_SHA256,
config["AccessKey"], config["SecretKey"]);
headers.Add("Authorization", authorization);
string response = HttpHelpers.InvokeHttpRequest(uri, "GET", headers, null);
//Console.WriteLine(response);
return(response);
}
public static string GenerateGetRequestMethod(string entityType, string entityId)
{
//Generates a JSON object from the session token JSON string
JObject credentials = JObject.Parse(GetSessionToken().Result);
var endpointUri = BaseConnectionString + entityType + "/" + entityId;
var uri = new Uri(endpointUri);
var headers = new Dictionary <string, string>()
{
{ "content-type", "application/x-www-form-urlencoded" },
{ "x-amz-security-token", credentials.GetValue("sessionToken").ToString() },
{ "x-api-key", ConfigSetup.ApiKey }
};
//Use the AWS4 signer to generate the signer and sign the request
var signer = new AWS4SignerForAuthorizationHeader()
{
EndpointUri = uri,
HttpMethod = "GET",
Service = "execute-api",
Region = Region
};
//Uses the generated accessKey and secretKey from GenerateSessionToken(), NOT FROM CONFIG
var authorization = signer.ComputeSignature(headers, "", AWS4SignerBase.EMPTY_BODY_SHA256,
credentials.GetValue("accessKey").ToString(), credentials.GetValue("secretKey").ToString());
Console.WriteLine(authorization);
//Add the signed authorization to headers
Console.WriteLine("AUTHORIZATION: " + authorization);
headers.Add("Authorization", authorization);
string response = HttpHelpers.InvokeHttpRequest(uri, "GET", headers, null);
//Console.WriteLine(response);
return(response);
}
/// <summary>
/// Request the content of an object from the specified bucket using virtual hosted-style
/// object addressing.
/// </summary>
public static void Run(string objectKey, string email, string awsAccessKey, string awsSecretKey)
{
Console.WriteLine("GetConfidential");
var endpointUri = $"https://localhost:44397/{objectKey}/{email}";
var uri = new Uri(endpointUri);
// for a simple GET, we have no body so supply the precomputed 'empty' hash
var headers = new Dictionary <string, string>
{
{ AWS4SignerBase.X_Amz_Content_SHA256, AWS4SignerBase.EMPTY_BODY_SHA256 },
{ "content-type", "text/plain" }
};
var signer = new AWS4SignerForAuthorizationHeader
{
EndpointUri = uri,
HttpMethod = "GET",
Service = "",
Region = ""
};
var authorization = signer.ComputeSignature(headers,
"", // no query parameters
AWS4SignerBase.EMPTY_BODY_SHA256,
awsAccessKey,
awsSecretKey);
// place the computed signature into a formatted 'Authorization' header
// and call S3
headers.Add("Authorization", authorization);
HttpHelpers.InvokeHttpRequest(uri, "GET", headers, null);
}
/// <summary>
/// Uploads content to an Amazon S3 object in a single call using Signature V4 authorization.
/// </summary>
public static void Run(string filePath, Stream objectToSave, RegionEndpoint region, string bucketName, string accessKey, string secretKey)
{
var endpointUri = $"https://{bucketName}.s3-{region.SystemName}.amazonaws.com/{filePath}";
var uri = new Uri(endpointUri);
var contentHash = AWS4SignerBase.CanonicalRequestHashAlgorithm.ComputeHash(objectToSave);
objectToSave.Position = 0;
var contentHashString = AWS4SignerBase.ToHexString(contentHash, true);
var headers = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase)
{
{ AWS4SignerBase.X_Amz_Content_SHA256, contentHashString },
{ AWS4SignerBase.X_Amz_Expires, TimeSpan.FromMinutes(5).TotalSeconds.ToString() },
{ AWS4SignerBase.X_Amz_Acl, "public-read" },
{ "content-length", objectToSave.Length.ToString() },
{ "content-type", "image/*" },
};
var signer = new AWS4SignerForAuthorizationHeader
{
EndpointUri = uri,
HttpMethod = WebRequestMethods.Http.Put,
Service = "s3",
Region = region.SystemName
};
var authorization = signer.ComputeSignature(headers, "", contentHashString, accessKey, secretKey);
headers.Add("Authorization", authorization);
HttpHelpers.InvokeHttpRequest(uri, WebRequestMethods.Http.Put, headers, objectToSave);
}
private static Dictionary <string, string> BuildHeaders(Uri uri, string payload)
{
byte[] contentHash = AWS4SignerBase.CanonicalRequestHashAlgorithm.ComputeHash(Encoding.UTF8.GetBytes(payload));
string contentHashString = AWS4SignerBase.ToHexString(contentHash, true);
var headers = new Dictionary <string, string>
{
{ AWS4SignerBase.X_Amz_Content_SHA256, contentHashString },
{ "content-length", payload.Length.ToString() },
{ "content-type", "text/plain" }
};
var uriWithoutQueryString = new Uri(uri.GetLeftPart(UriPartial.Path));
var signer = new AWS4SignerForAuthorizationHeader
{
EndpointUri = uriWithoutQueryString,
HttpMethod = "POST",
Service = "iotdevicegateway",
Region = "us-east-1"
};
string AWSAccessKey = ConfigHelper.ReadSetting("accesskey");
string AWSSecretKey = ConfigHelper.ReadSetting("secretkey");
string queryStringWithoutLeadingQuestionMark = string.IsNullOrEmpty(uri.Query) ? string.Empty : uri.Query.Substring(1);
var authorization = signer.ComputeSignature(headers, queryStringWithoutLeadingQuestionMark, contentHashString, AWSAccessKey, AWSSecretKey);
headers.Add("Authorization", authorization);
return(headers);
}
public static async System.Threading.Tasks.Task <object> MainAsync(string uri, string AWSAccessKey, string AWSSecretKey)
{
var sp = uri.Split('/');
uri = Prefix + sp.Last();
// for a simple GET, we have no body so supply the precomputed 'empty' hash
var headers = new Dictionary <string, string>
{
{ AWS4SignerBase.X_Amz_Content_SHA256, AWS4SignerBase.EMPTY_BODY_SHA256 },
{ "content-type", "text/plain" },
{ "x-amz-request-payer", "requester" }
};
var signer = new AWS4SignerForAuthorizationHeader
{
EndpointUri = new Uri(uri),
HttpMethod = "GET",
Service = "s3",
Region = "eu-west-1"
};
var authorization = signer.ComputeSignature(headers,
"", // no query parameters
AWS4SignerBase.EMPTY_BODY_SHA256,
AWSAccessKey,
AWSSecretKey);
// place the computed signature into a formatted 'Authorization' header
// and call S3
headers.Add("Authorization", authorization);
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri);
foreach (var header in headers.Keys)
{
request.Headers[header] = headers[header];
}
byte[] bytes;
using (var response = await request.GetResponseAsync())
using (var stream = response.GetResponseStream())
using (var dst = new MemoryStream())
{
stream.CopyTo(dst);
bytes = dst.ToArray();
}
var result = DataParser.ParseReplay(bytes, ParseOptions.MediumParsing);
if (result.Item1 != DataParser.ReplayParseResult.Success || result.Item2 == null)
{
return($"Error parsing replay: {result.Item1}");
}
return(ToJson(result.Item2));
}
public static string GeneratePutRequestMethod(string entityType, string entityId, string jsonFilePath)
{
//Generates a JSON object from the session token JSON string
JObject credentials = JObject.Parse(GetSessionToken().Result);
//Get the JSON for the entity being updated and hash it for the PUT request
var jsonObject = File.ReadAllText(jsonFilePath);
var encodedJsonBytes = Encoding.UTF8.GetBytes(jsonObject);
var hashedJsonString = ComputeSHA256Hash(encodedJsonBytes);
var endpointUri = BaseConnectionString + entityType + "/" + entityId;
var uri = new Uri(endpointUri);
var headers = new Dictionary <string, string>()
{
{ "content-type", "application/json" },
{ "x-amz-security-token", credentials.GetValue("sessionToken").ToString() },
{ "x-api-key", ConfigSetup.ApiKey }
};
//Use the AWS4 signer to generate the signer and sign the request
var signer = new AWS4SignerForAuthorizationHeader()
{
EndpointUri = uri,
HttpMethod = "PUT",
Service = "execute-api",
Region = Region
};
//Uses the generated accessKey and secretKey from GenerateSessionToken(), NOT FROM CONFIG
var authorization = signer.ComputeSignature(headers, "", hashedJsonString,
credentials.GetValue("accessKey").ToString(), credentials.GetValue("secretKey").ToString());
//Add the signed authorization to headers
headers.Add("Authorization", authorization);
string response = HttpHelpers.InvokeHttpRequest(uri, "PUT", headers, jsonObject);
//Console.WriteLine(response);
return(response);
}
private static void DeleteMessage(List <string> receiptHandles)
{
foreach (string receipt in receiptHandles)
{
string region = config["Region"];
// Construct a virtual hosted style address with the bucket name part of the host address,
// placing the region into the url if we're not using us-east-1.
var regionUrlPart = string.Format("-{0}", region);
//This is our QA fifo queue, replace it with your queue's url
var endpointUri = BaseUrl + config["AccountId"] + "/" + config["QueueName"];
//Encode the receipt handle and add it to the url
Console.WriteLine(receipt);
Console.WriteLine();
var encodedReceipt = WebUtility.UrlEncode(receipt);
var requestParameters = "Action=DeleteMessage&ReceiptHandle=" + encodedReceipt;
var uri = new Uri(endpointUri + "?" + requestParameters);
var headers = new Dictionary <string, string>()
{
{ AWS4SignerBase.X_Amz_Content_SHA256, AWS4SignerBase.EMPTY_BODY_SHA256 }
};
//Use the AWS4 signer to generate the signer and sign the request
var signer = new AWS4SignerForAuthorizationHeader()
{
EndpointUri = uri,
HttpMethod = "GET",
Service = "sqs",
Region = region,
};
var authorization = signer.ComputeSignature(headers, requestParameters, AWS4SignerBase.EMPTY_BODY_SHA256,
config["AccessKey"], config["SecretKey"]);
headers.Add("Authorization", authorization);
string response = HttpHelpers.InvokeHttpRequest(uri, "GET", headers, null);
//Console.WriteLine(response);
//Console.WriteLine("Receipt for message deleted: " + receipt);
}
}
public ClientRequest(string objectKey, string email)
{
objectKey += "?email=" + email;
var endpointUri = string.Format("http://localhost:59982/{0}", objectKey);
var uri = new Uri(endpointUri);
//construct the header
var headers = new Dictionary <string, string>
{
{ AWS4SignerBase.X_Amz_Content_SHA256, AWS4SignerBase.EMPTY_BODY_SHA256 },
{ "content-length", email.Length.ToString() },
{ "content-type", "text/plain" }
};
var signer = new AWS4SignerForAuthorizationHeader
{
EndpointUri = uri,
HttpMethod = "POST",
Service = "",
Region = ""
};
var authorization = signer.ComputeSignature(headers,
"", // no query parameters
AWS4SignerBase.EMPTY_BODY_SHA256,
AWSAccessKey,
AWSSecretKey);
// place the computed signature into a formatted 'Authorization' header
// and call S3
headers.Add("Authorization", authorization);
HttpHelpers.InvokeHttpRequest(uri, "POST", headers, email);
}
// Generates a HTTPS requestfor API Gateway signed with the Cognito credentials from a url using the S3 signer tool example
// NOTE: You need to add the floders "Signers" and "Util" to the project from the S3 signer tool example: https://docs.aws.amazon.com/AmazonS3/latest/API/samples/AmazonS3SigV4_Samples_CSharp.zip
HttpRequestMessage generateSignedRequest(string url)
{
var endpointUri = url;
var uri = new Uri(endpointUri);
var headers = new Dictionary <string, string>
{
{ AWS4SignerBase.X_Amz_Content_SHA256, AWS4SignerBase.EMPTY_BODY_SHA256 },
};
var signer = new AWS4SignerForAuthorizationHeader
{
EndpointUri = uri,
HttpMethod = "GET",
Service = "execute-api",
Region = regionString
};
//Extract the query parameters
var queryParams = "";
if (url.Split('?').Length > 1)
{
queryParams = url.Split('?')[1];
}
var authorization = signer.ComputeSignature(headers,
queryParams,
AWS4SignerBase.EMPTY_BODY_SHA256,
Client.cognitoCredentials.AccessKey,
Client.cognitoCredentials.SecretKey);
headers.Add("Authorization", authorization);
var request = new HttpRequestMessage
{
Method = HttpMethod.Get,
RequestUri = new Uri(url),
};
// Add the generated headers to the request
foreach (var header in headers)
{
try
{
if (header.Key != null && header.Value != null)
{
request.Headers.Add(header.Key, header.Value);
}
}
catch (Exception e)
{
Debug.Log("error: " + e.GetType().ToString());
}
}
// Add the IAM authentication token
request.Headers.Add("x-amz-security-token", Client.cognitoCredentials.Token);
return(request);
}
async void Run()
{
var cognitoIdp = new AmazonCognitoIdentityProviderClient();
var region = ConfigurationManager.AppSettings["region"];
var userPoolId = ConfigurationManager.AppSettings["userPoolId"];
var clientId = ConfigurationManager.AppSettings["clientId"];
var identityPoolId = ConfigurationManager.AppSettings["identityPoolId"];
var username = ConfigurationManager.AppSettings["username"];
var password = ConfigurationManager.AppSettings["password"];
var apiId = ConfigurationManager.AppSettings["apiId"];
var stage = ConfigurationManager.AppSettings["stage"];
var method = ConfigurationManager.AppSettings["method"];
var path = ConfigurationManager.AppSettings["path"];
var querystring = ConfigurationManager.AppSettings["querystring"];
try
{
var request = new AdminInitiateAuthRequest
{
AuthFlow = AuthFlowType.ADMIN_NO_SRP_AUTH,
ClientId = clientId,
UserPoolId = userPoolId,
AuthParameters = { { "USERNAME", username }, { "PASSWORD", password } }
};
var response = await cognitoIdp.AdminInitiateAuthAsync(request);
var idToken = response.AuthenticationResult.IdToken;
var credentials = new CognitoAWSCredentials(identityPoolId, RegionEndpoint.GetBySystemName(region));
var provider = String.Format("cognito-idp.{0}.amazonaws.com/{1}", region, userPoolId);
credentials.AddLogin(provider, idToken);
var immutableCredentials = await credentials.GetCredentialsAsync();
var endpoint = String.Format("https://{0}.execute-api.{1}.amazonaws.com/{2}/{3}", apiId, region, stage, path);
if (!String.IsNullOrWhiteSpace(querystring))
{
endpoint = endpoint + "?" + querystring;
}
var uri = new Uri(endpoint);
var headers = new Dictionary <string, string>
{
{ AWS4SignerBase.X_Amz_Content_SHA256, AWS4SignerBase.EMPTY_BODY_SHA256 },
{ "X-Amz-Security-Token", immutableCredentials.Token },
{ "content-type", "application/json" }
};
var signer = new AWS4SignerForAuthorizationHeader
{
EndpointUri = uri,
HttpMethod = method,
Service = "execute-api",
Region = region
};
var authorization = signer.ComputeSignature(
headers,
querystring,
AWS4SignerBase.EMPTY_BODY_SHA256,
immutableCredentials.AccessKey,
immutableCredentials.SecretKey);
headers.Add("Authorization", authorization);
HttpHelpers.InvokeHttpRequest(uri, method, headers, null);
}
catch (Exception ex)
{
Console.WriteLine("Error occurred.");
Console.WriteLine(ex);
}
}
/// <summary>
/// Runs a http request to the specified endpoint
/// </summary>
/// <param name="endpointUri">
/// "https://service.chime.aws.amazon.com/meetings"
/// </param>
/// <param name="requestType">
/// "POST"
/// </param>
/// <param name="body">
/// new { ClientRequestToken = "75341496-0878-440c-9db1-a7006c25a39f", MediaRegion = "us-east-1" }
/// </param>
/// <param name="service">
/// // service = "chime"
/// </param>
/// <param name="region">
/// "us-east-1"
/// </param>
/// <param name="queryParameters">
/// ""
/// </param>
public static async Task <HttpWebResponse> Run(string endpointUri, string requestType, string service, string region, object body, string queryParameters)
{
var uri = new Uri(endpointUri);
var headers = new Dictionary <string, string>();
var authorization = string.Empty;
string serializedBody = null;
switch (requestType)
{
case Http.Post:
// precompute hash of the body content
serializedBody = JsonConvert.SerializeObject(body);
var contentHash = AWS4SignerBase.CanonicalRequestHashAlgorithm.ComputeHash(Encoding.UTF8.GetBytes(serializedBody));
var contentHashString = AWS4SignerBase.ToHexString(contentHash, true);
headers.Add(AWS4SignerBase.X_Amz_Content_SHA256, contentHashString);
headers.Add("content-length", serializedBody.Length.ToString());
headers.Add("content-type", "text/json");
var postSigner = new AWS4SignerForAuthorizationHeader
{
EndpointUri = uri,
HttpMethod = Http.Post,
Service = service,
Region = region
};
authorization = postSigner.ComputeSignature(headers, queryParameters, contentHashString, Settings.AWSAccessKey, Settings.AWSSecretKey);
// express authorization for this as a header
headers.Add("Authorization", authorization);
return(await HttpHelpers.InvokeHttpRequest(uri, Http.Post, headers, serializedBody));
case Http.Get:
headers.Add(AWS4SignerBase.X_Amz_Content_SHA256, Settings.EMPTY_BODY_SHA256);
headers.Add("content-type", "text/plain");
var getSigner = new AWS4SignerForQueryParameterAuth
{
EndpointUri = uri,
HttpMethod = Http.Get,
Service = service,
Region = region
};
authorization = getSigner.ComputeSignature(headers, queryParameters, Settings.EMPTY_BODY_SHA256, Settings.AWSAccessKey, Settings.AWSSecretKey);
var urlBuilder = new StringBuilder(endpointUri);
if (!string.IsNullOrEmpty(queryParameters))
{
urlBuilder.AppendFormat($"?{queryParameters}");
urlBuilder.AppendFormat($"&{authorization}");
}
else
{
urlBuilder.AppendFormat($"?{authorization}");
}
var presignedUrl = urlBuilder.ToString();
return(await HttpHelpers.InvokeHttpRequest(new Uri(presignedUrl), Http.Get, headers, serializedBody));
default: throw new Exception("Unknown request type");
}
}
